GDPR, privacy and control

[greengeek]

Is GDPR a privacy aid or a privacy wedge being subtly used to crack open our defences?

https://nakedsecurity.sophos.com/2018/0 ... -patterns/

The article also makes some highly critical comments about Facebook's efforts to force users to retain facial recognition technology - making it unnecessarily hard for users to turn of facial recognition.

Very good article.

Facebook, Google and Microsoft are three tech companies that have been showing their users these pop-ups to ensure that they’re on the right side of European law. Now, privacy advocates have analysed these pop-ups and have reason to believe that the tech trio are playing subtle psychological tricks on users. They worry that these tech giants are guilty of using ‘dark patterns’ – design and language techniques that make it more likely that users will give up their privacy.

In the case of GDPR privacy notifications, Facebook and Google used a combination of aggressive language and inappropriate default selections to keep users feeding them personal data, the report alleges.

Facebook was equally flawed in its choices around facial recognition, which it has recently introduced in Europe after a six-year hiatus due to privacy concerns. It turns on this technology by default unless users actively turn it off, making them go through four more clicks than those that just leave it as-is.

The report had specific comments about this practice of making users jump through hoops to select the most privacy-friendly option:

If the aim is to lead users in a certain direction, making the process toward the alternatives a long and arduous process can be an effective dark pattern.

[nosystemdthanks]

to be fair to users and to reality itself, gdpr is a band-aid.

to be fair to gdpr proponents, it would probably be fair to say that about any legislation that could possibly undo any of the harm that facebook has done.

if you really want to change the world, you have to change the culture. thats what facebook is doing in a very bad way (its bad for sure, its absolute exploitation, theres no way to sugar-coat it that isnt bs, randi zuck is a very BAD PERSON) and if you want to fix it, relying on legislation is naive at best.

that doesnt mean im against gdpr, it just wont be enough. maybe laws shouldnt be relied on to fix everything.

so what youre asking is, will gdpr make things worse? i dont know, but if its ever going to get better, it will take a lot of changes. gdpr wont be enough, for sure. if people think it is-- that would be bad; i dont know why they would think that, someone would have to be very silly to think its enough.

[Moat]

So true @GG - with all of the Google and FB policy prompts over the past few weeks, I decided to dig in and revisit turning off what I could. The process was so incredibly convoluted, lengthy and blatantly obviously designed to bamboozle and mislead - just to get to the necessary selections which themselves were all but hidden and/or deliberately unclearly worded - I wasn't even sure if I'd accomplished what I set out to do in the first place, and basically gave up in disgust.

So disgusting it is, indeed - on so many levels it makes me ill to contemplate.

Bob